董事會組成與資訊安全管理有效性之關聯性研究 -以管家理論為觀點

Abstract

本研究的主要目的在於探討台灣上市(櫃)公司董事會組成對於公司資訊安全管理有效性的關聯性。透過管家理論的觀點，以台灣經濟新報資料庫(TEJ)取得董事會組成資料，如:總經理的雙元性、內部董事比例、獨立董事比例，結合手動搜尋網站資料所取得的資訊安全事件樣本，探討董事會組成是否影響資訊安全事件發生的可能性以及資訊安全事件發生的次數。結果顯示，獨立董事占董事總席次的比例愈高，其資訊安全管理有效性愈差。此外，本研究將進一步的透過股權型態的分類來探討探討董事會組成對於公司資訊安全管理有效性的影響，其結果發現，股權型態為家族型態，其內部董事比例愈高、公司規模愈小、獨立董事比例愈低，資訊安全管理成效愈高。股權型態為非家族型態，其董事長與總經理由不同人兼任的企業，資訊安全管理成效愈高。

This thesis focuses on the relationship between the effectiveness of information security management and the composition of the board. We build our hypotheses based on the stewardship theory. Using the data from Corporate Governance DB of Taiwan Economic Journal and the manually-searched information security breaches from Information Security and UDN website, we investigate that whether the composition of the board could affect the occurrence of information security breaches. Our results demonstrate that as the percentage of independent director increases, the effectiveness of information security management decreases. Furthermore，we also investigate the association between the effectiveness of information security management and the composition of the board after classifying by ownership structure- family firm or non-family firm. Our results demonstrate that for family firm, as the percentage of insider director increases, the size of company decreases, and the percentage of independent director has a negative impact on the effectiveness of information security management increase. For non-family firm, chairman and chief executive officer taken by different people has a good impact on the effectiveness of information security management.